Skip to content

Commit 0c1b5c3

Browse files
tautschnigtautschnig
committed
Use autoharness for num::<impl *>::wrapping_sh{l,r}
1 parent 889b8cd commit 0c1b5c3

File tree

2 files changed

+12
-62
lines changed

2 files changed

+12
-62
lines changed

.github/workflows/kani.yml

+12
Original file line numberDiff line numberDiff line change
@@ -82,6 +82,18 @@ jobs:
8282
--include-pattern alloc::layout::Layout::from_size_align \
8383
--include-pattern ascii::ascii_char::AsciiChar::from_u8 \
8484
--include-pattern char::convert::from_u32_unchecked \
85+
--include-pattern "num::<impl i8>::wrapping_sh" \
86+
--include-pattern "num::<impl i16>::wrapping_sh" \
87+
--include-pattern "num::<impl i32>::wrapping_sh" \
88+
--include-pattern "num::<impl i64>::wrapping_sh" \
89+
--include-pattern "num::<impl i128>::wrapping_sh" \
90+
--include-pattern "num::<impl isize>::wrapping_sh" \
91+
--include-pattern "num::<impl u8>::wrapping_sh" \
92+
--include-pattern "num::<impl u16>::wrapping_sh" \
93+
--include-pattern "num::<impl u32>::wrapping_sh" \
94+
--include-pattern "num::<impl u64>::wrapping_sh" \
95+
--include-pattern "num::<impl u128>::wrapping_sh" \
96+
--include-pattern "num::<impl usize>::wrapping_sh" \
8597
--include-pattern ptr::align_offset::mod_inv \
8698
--include-pattern ptr::alignment::Alignment::as_nonzero \
8799
--include-pattern ptr::alignment::Alignment::as_usize \

library/core/src/num/mod.rs

-62
Original file line numberDiff line numberDiff line change
@@ -1752,19 +1752,6 @@ mod verify {
17521752
}
17531753
}
17541754

1755-
// Verify `wrapping_{shl, shr}` which internally uses `unchecked_{shl,shr}`
1756-
macro_rules! generate_wrapping_shift_harness {
1757-
($type:ty, $method:ident, $harness_name:ident) => {
1758-
#[kani::proof_for_contract($type::$method)]
1759-
pub fn $harness_name() {
1760-
let num1: $type = kani::any::<$type>();
1761-
let num2: u32 = kani::any::<u32>();
1762-
1763-
let _ = num1.$method(num2);
1764-
}
1765-
};
1766-
}
1767-
17681755
// Part 3: Float to Integer Conversion function Harness Generation Macro
17691756
macro_rules! generate_to_int_unchecked_harness {
17701757
($floatType:ty, $($intType:ty, $harness_name:ident),+) => {
@@ -2142,55 +2129,6 @@ mod verify {
21422129
(u64::MAX / 2) + 10u64
21432130
);
21442131

2145-
// Part_2 `wrapping_shl` proofs
2146-
//
2147-
// Target types:
2148-
// i{8,16,32,64,128,size} and u{8,16,32,64,128,size} -- 12 types in total
2149-
//
2150-
// Target contracts:
2151-
// #[ensures(|result| *result == self << (rhs & (Self::BITS - 1)))]
2152-
//
2153-
// Target function:
2154-
// pub const fn wrapping_shl(self, rhs: u32) -> Self
2155-
//
2156-
// This function performs an panic-free bitwise left shift operation.
2157-
generate_wrapping_shift_harness!(i8, wrapping_shl, checked_wrapping_shl_i8);
2158-
generate_wrapping_shift_harness!(i16, wrapping_shl, checked_wrapping_shl_i16);
2159-
generate_wrapping_shift_harness!(i32, wrapping_shl, checked_wrapping_shl_i32);
2160-
generate_wrapping_shift_harness!(i64, wrapping_shl, checked_wrapping_shl_i64);
2161-
generate_wrapping_shift_harness!(i128, wrapping_shl, checked_wrapping_shl_i128);
2162-
generate_wrapping_shift_harness!(isize, wrapping_shl, checked_wrapping_shl_isize);
2163-
generate_wrapping_shift_harness!(u8, wrapping_shl, checked_wrapping_shl_u8);
2164-
generate_wrapping_shift_harness!(u16, wrapping_shl, checked_wrapping_shl_u16);
2165-
generate_wrapping_shift_harness!(u32, wrapping_shl, checked_wrapping_shl_u32);
2166-
generate_wrapping_shift_harness!(u64, wrapping_shl, checked_wrapping_shl_u64);
2167-
generate_wrapping_shift_harness!(u128, wrapping_shl, checked_wrapping_shl_u128);
2168-
generate_wrapping_shift_harness!(usize, wrapping_shl, checked_wrapping_shl_usize);
2169-
2170-
// Part_2 `wrapping_shr` proofs
2171-
//
2172-
// Target types:
2173-
// i{8,16,32,64,128,size} and u{8,16,32,64,128,size} -- 12 types in total
2174-
//
2175-
// Target contracts:
2176-
// #[ensures(|result| *result == self >> (rhs & (Self::BITS - 1)))]
2177-
// Target function:
2178-
// pub const fn wrapping_shr(self, rhs: u32) -> Self {
2179-
//
2180-
// This function performs an panic-free bitwise right shift operation.
2181-
generate_wrapping_shift_harness!(i8, wrapping_shr, checked_wrapping_shr_i8);
2182-
generate_wrapping_shift_harness!(i16, wrapping_shr, checked_wrapping_shr_i16);
2183-
generate_wrapping_shift_harness!(i32, wrapping_shr, checked_wrapping_shr_i32);
2184-
generate_wrapping_shift_harness!(i64, wrapping_shr, checked_wrapping_shr_i64);
2185-
generate_wrapping_shift_harness!(i128, wrapping_shr, checked_wrapping_shr_i128);
2186-
generate_wrapping_shift_harness!(isize, wrapping_shr, checked_wrapping_shr_isize);
2187-
generate_wrapping_shift_harness!(u8, wrapping_shr, checked_wrapping_shr_u8);
2188-
generate_wrapping_shift_harness!(u16, wrapping_shr, checked_wrapping_shr_u16);
2189-
generate_wrapping_shift_harness!(u32, wrapping_shr, checked_wrapping_shr_u32);
2190-
generate_wrapping_shift_harness!(u64, wrapping_shr, checked_wrapping_shr_u64);
2191-
generate_wrapping_shift_harness!(u128, wrapping_shr, checked_wrapping_shr_u128);
2192-
generate_wrapping_shift_harness!(usize, wrapping_shr, checked_wrapping_shr_usize);
2193-
21942132
// `f{16,32,64,128}::to_int_unchecked` proofs
21952133
//
21962134
// Target integer types:

0 commit comments

Comments
 (0)